Superfish Adware – After the Storm

Posted April 14, 2015

In our last ThreatMetrix Labs report, we discussed the Superfish Adware in detail together with its implications on the security ecosystem.

After the public outrage about this Threat and the fact that Lenovo pre-installed this Adware on many laptops, we wanted to revisit the occurrance of the Superfish Adware in our Global Trust Intelligence Network to see whether the various uninstall tools provided by Lenovo itself and many Antivirus Engines were able to reduce the outbreak of this adware.

We are happy to see that after the peak on Feb 2, 2015, the Adware has been rapidly declining and is now only present on a very small percentage of endusers. We believe that the majority of these uninstalls have been executed by the official Lenovo Removal tool, but it is certainly good to see that these removal tools provide a fairly quick way of removing threats – although it still took 6 month to get rid of this Adware altogether.


ThreatMetrix enables its customers to detect the presence of Superfish Adware and other nasties and this graph shows a global snapshot across all our transactions. For more information contact us at

Andreas Baumhof

Andreas Baumhof

Chief Technology Officer, ThreatMetrix

close btn